I know nothing about LDAP / OpenLDAP. With that out of the way...
I have a CentOS 5 machine running openldap-2.3.27-8 I just built a
CentOS 5.2 machine with openldap-2.3.27-8.el5_1.3 My goal is to have
the LDAP on the first machine synch with, and stay synched to, the LDAP
on the second machine, so if the first machine dies I can bring up an
interface with it's IP on the second and get authentication working
again.
I've Googled "LDAP replication" and "LDAP synchronization". Both terms
lead me to a variety of papers that have a variety of ideas of how this
should be done, and some have diagrams of convoluted networks involving
multiple load balancers, etc. Since I know nothing about LDAP or
OpenLDAP, it is very difficult for me to evaluate what I'm seeing... is
this way "best", but because it's part of a globe-spanning install with
hundreds of thousands of users?
I'm hoping for a pointer to a nice, simple document that doesn't
pre-suppose any depth of knowledge and isn't part of a Holy War over
which method of doing this confers the greatest bragging rights :-)
--
***********************************************************************
* John Oliver http://www.john-oliver.net/ *
* *
***********************************************************************